The world is recovering after the WannaCry fiasco, and data provided by security company Kaspersky indicate that Windows 7 users are busier than others because this particular OS version accounted for nearly 98 percent of all infections with the ransomware.

Specifically, more than 60 percent of the computers that were compromised by WannaCry were running the 64-bit versions of Windows 7, while the 32-bit flavor of the operating system was the runner-up with nearly 32 percent.

Ironically, Windows 7 was supposed to be secure against WannaCry, as Microsoft shipped patches to block the infection in March this year, and since it’s still supported, this OS version received them as well.
"Windows 7, still the world’s number one desktop OS"

One the other hand, seeing Windows 7 the most affected desktop operating system in the WannaCry saga kind of makes sense given that it’s currently the world’s top PC platform with a share that’s close to 50 percent. This means that nearly 1 in 2 desktop systems out there are running Windows 7, and this explains why so many computers ended up infected with the ransomware.

At the same time, Windows 7 is also suffering from a high piracy rate, with many systems out there, especially in countries like China and Russia, still running copies of the operating system that are not genuine.

Even though cracking methods have improved, there are releases that cannot be updated every month, with users blocking updates to prevent their copy of the operating system from performing a check for genuine product keys.

Windows 7 will continue to be supported until January 2020, so systems running it will still get updates for nearly 3 more years. To remain secure against attacks like WannaCry, however, it’s essential for users to install the latest patches as soon as possible, but also to start plan the migration to a newer Windows version in order to remain protected when end-of-life is reached as well.

Windows 7 was the biggest victim of the WannaCry outburst, with statistics provided by Kaspersky confirming that the operating system launched in 2009 accounted for nearly 98 percent of all infections.

But there’s also another side of the story: Windows XP, which launched in 2001 and is considered super-vulnerable to hacker attacks, represented only a very small number of attacks, even though most people expected it to be the main target of the ransomware.

“The Windows XP count is insignificant,” Costin Raiu, director of Global Research and Analysis Team at Kaspersky, explained, confirming that Windows 7 was the Windows version that was hit the hardest.
"The Windows XP patching saga"

Paradoxically, Windows XP was the latest Windows version to receive the WannaCry patch, as Microsoft decided to publish it separately only after the number of infections across the world skyrocketed.

Windows XP no longer receives support since April 2014, so when releasing updates to fix the vulnerability on the March 2017 Patch Tuesday, Windows XP was left out, with Microsoft’s targets being Windows Vista, Windows 7, Windows 8.1, and Windows 10.

On the other hand, a Windows XP patch was developed internally, only that Microsoft rolled it out to customers paying for custom support for the operating system. The patch was developed in February, shortly after Microsoft became aware of the vulnerability that was stolen from the NSA and published online by hacking group Shadow Brokers.

Microsoft eventually decided to publish it online for all users, in order to help them remain secure against the ransomware outburst, but it’s not yet clear how many of these users actually installed it.

One thing is for sure though: Windows XP wasn’t the biggest victim of the WannaCry fiasco, despite the 7 percent market share that it still holds more than 3 years after it reached end of support.

Of course, this doesn’t mean that Windows XP is secure and malware won’t target it in the future. In fact, the WannaCry ransomware should be a wake-up call for all users who are still running it, as upgrading to supported Windows is the only way to prevent becoming a victim to cyber attacks.